Description: fix information disclosure via recovery mount in /tmp
Author: Marc Deslauriers <marc.deslauriers@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628
Index: ecryptfs-utils-87/src/utils/ecryptfs-recover-private
===================================================================
--- ecryptfs-utils-87.orig/src/utils/ecryptfs-recover-private 2011-07-27 10:55:55.759472358 -0400
+++ ecryptfs-utils-87/src/utils/ecryptfs-recover-private 2011-07-27 10:56:02.609472355 -0400
@@ -95,6 +95,7 @@
(keyctl list @u | grep -qs "$mount_sig") || error "The key required to access this private data is not available."
(keyctl list @u | grep -qs "$fnek_sig") || error "The key required to access this private data is not available."
tmpdir=$(mktemp -d /tmp/ecryptfs.XXXXXXXX)
- mount -i -t ecryptfs -o "$mount_opts" "$d" "$tmpdir"
- info "Success! Private data mounted read-only at [$tmpdir]."
+ mkdir -m 700 $tmpdir/private
+ mount -i -t ecryptfs -o "$mount_opts" "$d" "$tmpdir/private"
+ info "Success! Private data mounted read-only at [$tmpdir/private]."
done
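Review bot: The added `mkdir -m 700 $tmpdir/private` uses `$tmpdir` unquoted and unchecked. If the `mktemp -d` on the line above fails, the variable is empty and the mount target becomes `/private`. The `Success!` message is also printed whether or not `mount` succeeded, unless the script runs under `set -e`, which is not visible in this hunk. I would guard both steps with `[ -d "$tmpdir" ] || error "Could not create a temporary directory."` and `mkdir -m 700 "$tmpdir/private" || error "Could not create the mount point."`, assuming `error` exits as its use on the `keyctl` lines suggests. It is also worth a comment such as `# mount below $tmpdir so the 0700 parent from mktemp -d still gates access; the mounted root's own mode replaces the mount point's`, since the `-m 700` on `private` is hidden once the mount succeeds. The enclosing loop starts outside the hunk.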